6ace4ddf63aa8d54b60f01e6aaa4638c27b49dfc64a707e35c004eee09de1c7f | Triage

Submit
Reports

Overview

overview

Static

static

8

范伟打�...PI.dll

windows7_x64

范伟打�...PI.dll

windows10-2004_x64

1

范伟打�...dm.dll

windows7_x64

范伟打�...dm.dll

windows10-2004_x64

范伟打�...dm.dll

windows7_x64

范伟打�...dm.dll

windows10-2004_x64

范伟打�...��.bat

windows7_x64

1

范伟打�...��.bat

windows10-2004_x64

1

范伟打�...�.docx

windows7_x64

1

范伟打�...�.docx

windows10-2004_x64

1

范伟打�...��.exe

windows7_x64

范伟打�...��.exe

windows10-2004_x64

1

范伟打�...��.bat

windows7_x64

7

范伟打�...��.bat

windows10-2004_x64

1

范伟打�...��.exe

windows7_x64

1

范伟打�...��.exe

windows10-2004_x64

1

Analysis

max time kernel
139s
max time network
173s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
24-05-2022 17:41

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

范伟打天下招财宝辅助/CrackCaptchaAPI.dll

Resource

win7-20220414-en

ramnit banker bootkit persistence spyware stealer trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

范伟打天下招财宝辅助/CrackCaptchaAPI.dll

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

范伟打天下招财宝辅助/data/dm.dll

Resource

win7-20220414-en

ramnit banker spyware stealer trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

范伟打天下招财宝辅助/data/dm.dll

Resource

win10v2004-20220414-en

ramnit banker spyware stealer trojan upx worm

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

范伟打天下招财宝辅助/dm.dll

Resource

win7-20220414-en

ramnit banker spyware stealer trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

范伟打天下招财宝辅助/dm.dll

Resource

win10v2004-20220414-en

ramnit banker spyware stealer trojan upx worm

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

范伟打天下招财宝辅助/如果出现白屏无法进入游戏请点击我清理IE垃圾.bat

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

范伟打天下招财宝辅助/如果出现白屏无法进入游戏请点击我清理IE垃圾.bat

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

范伟打天下招财宝辅助/打天下.docx

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

范伟打天下招财宝辅助/打天下.docx

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

范伟打天下招财宝辅助/招财宝辅助.exe

Resource

win7-20220414-en

ramnit banker spyware stealer trojan upx worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

范伟打天下招财宝辅助/招财宝辅助.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

范伟打天下招财宝辅助/清理缓存.bat

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

范伟打天下招财宝辅助/清理缓存.bat

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

范伟打天下招财宝辅助/精灵浏览器.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

范伟打天下招财宝辅助/精灵浏览器.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

范伟打天下招财宝辅助/清理缓存.bat
Size

419B
MD5

6322f531e4f7808f672fda11ce584acc
SHA1

b24b39661cc2f5e6983e30a64aaeae36dd6b155b
SHA256

0a56e87691b6ad5e51ca996764e47acf85f643e215f3507739fa92809edb179f
SHA512

278780fca8fcd6725066b15801a79e2f8aacf24a77fc23d76fe58fa88c620a44d3101515e2e869e64f713aee4ef600383d1f8986c958288b563bdfee9f8cc95d

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\范伟打天下招财宝辅助\清理缓存.bat"
1⤵
PID:4136

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy